On Mon, Mar 4, 2024 at 7:32 PM Petr Vorel <pvorel@xxxxxxx> wrote:
>
> > From: NeilBrown <neilb@xxxxxxxx>
>
> > Support for broadcast RPC involves binding a second privileged
> > port. It is possible that rpcbind might choose a port that some
> > other service will need, and that can cause problems.
>
> > Having this port open increases the attack surface of rpcbind. RPC
> > replies can be sent to it by any host, and they will only be rejected
> > once they have been parsed enough to determine that the xid doesn't
> > match.
>
> > Broadcast is not widely used. It is not used at all for NFS. For NIS
> > (previously yellow pages) it can be used to find a local NIS server,
> > though this can also be statically configured.
>
> > In cases where broadcast-RPC is not needed, it is best to disable the
> > port. This patch adds a new "-b" option to disable broadcast RPC.
>
> If this feature is wanted, I would suggest "-B". "-b" is used in ping for
> broadcast, therefore this option looks like *enabling* broadcast instead of
> disabling.

I agree with Petr...

... could you please add the comment about NIS/YP in the manpage too? And what about NIS+?

----

Bye,
Roland

--
  __ .  . __
 (o.\ \/ /.o) roland.mainz@xxxxxxxxxxx
  \__\/\/__/  MPEG specialist, C&&JAVA&&Sun&&Unix programmer
  /O /==\ O\  TEL +49 641 3992797
 (;O/ \/ \O;)
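
Added example, not part of this thread or of rpcbind: a Python check that reads socket listings and reports any UDP socket rpcbind holds besides port 111, which is the second port the quoted commit message describes. The `ss -H -ulnp` line layout and the sample lines (including port 879) are assumptions constructed for illustration.

```python
import re

RPCBIND_PORT = 111  # well-known rpcbind/portmapper port

# Constructed sample in the layout of `ss -H -ulnp` run as root (not from a real host).
SAMPLE_SS_OUTPUT = """\
UNCONN 0 0 0.0.0.0:111 0.0.0.0:* users:(("rpcbind",pid=612,fd=5),("systemd",pid=1,fd=36))
UNCONN 0 0 0.0.0.0:879 0.0.0.0:* users:(("rpcbind",pid=612,fd=10))
UNCONN 0 0 [::]:111 [::]:* users:(("rpcbind",pid=612,fd=7),("systemd",pid=1,fd=38))
UNCONN 0 0 [::]:879 [::]:* users:(("rpcbind",pid=612,fd=11))
UNCONN 0 0 127.0.0.1:323 0.0.0.0:* users:(("chronyd",pid=701,fd=5))
udp UNCONN 0 0 0.0.0.0:45123 0.0.0.0:* users:(("rpc.statd",pid=800,fd=8))
"""

# One ("name",pid=N,fd=N) entry inside the users:(...) column.
PROC_RE = re.compile(r'\("([^"]+)",pid=(\d+),fd=\d+\)')


def extra_rpcbind_udp_ports(ss_output):
    """Return sorted (pid, address, port, privileged) tuples for every UDP
    socket owned by rpcbind whose local port is not 111."""
    findings = set()
    for line in ss_output.splitlines():
        fields = line.split()
        # ss prints a leading Netid column only when several socket types are listed.
        if fields and fields[0].lower() == "udp":
            fields = fields[1:]
        if len(fields) < 6:
            continue  # blank line, or no process column (ss not run as root)
        # rpartition keeps IPv6 literals such as [::] intact.
        addr, _, port_text = fields[3].rpartition(":")
        if not port_text.isdigit():
            continue  # header row or unparsable local address
        port = int(port_text)
        for name, pid in PROC_RE.findall(" ".join(fields[5:])):
            if name == "rpcbind" and port != RPCBIND_PORT:
                findings.add((int(pid), addr, port, port < 1024))
    return sorted(findings)


if __name__ == "__main__":
    for pid, addr, port, privileged in extra_rpcbind_udp_ports(SAMPLE_SS_OUTPUT):
        kind = "privileged" if privileged else "unprivileged"
        print(f"rpcbind pid {pid} also holds UDP {addr}:{port} ({kind})")
```
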